Flaws Found in Two Symantec AppsBy Dennis Fisher | Print
Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers
Norton AntiSpam and Norton Internet Security each have a flaw allowing an attacker to run code on remote machines; Symantec offers fixes.
Vulnerabilities weaken two of Symantec Corp.'s more popular security applications, Norton AntiSpam and Norton Internet Security, researchers have found.
Both flaws enable attackers to run code on remote machines.
The two weaknesses, one in each product, are similar in that they both involve ActiveX controls. The vulnerability in Norton Internet Security and Norton Internet Security Professional affects an ActiveX component called WrapNISUM Class, which is marked safe for scripting.
Symantec, based in Cupertino, Calif., has produced fixes for both of the problems, which are available via its LiveUpdate service.